Red Hat Security Advisory: Red Hat Build of Apache Camel 4.18.1 for Spring Boot release.
Red Hat build of Apache Camel 4.18.1 for Spring Boot patch release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Security Fix(es): * artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication (CVE-2026-27446) * spring-boot: Spring Boot: Authentication bypass via misconfigured Health Group additional path (CVE-2026-22731) * plexus-utils: Plexus-utils: Directory Traversal in extractFile method (CVE-2025-67030) * netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values (CVE-2026-33870) * netty-codec-http: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood (CVE-2026-33871) * netty-codec-http2: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood (CVE-2026-33871) * jetty-ee10-annotations: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-apache-jsp: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-plus: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-servlet: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-servlets: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-webapp: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * kafka-clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management (CVE-2026-35554) * camel-infinispan: camel-infinispan: Remote Code Execution via Unsafe Deserialization (CVE-2026-6857) * bcprov-debug-jdk15on: GOSTCTR implementation unable to process more than 255 blocks correctly (CVE-2025-14813) * bcprov-jdk15on: GOSTCTR implementation unable to process more than 255 blocks correctly (CVE-2025-14813) * bcprov-jdk18on: GOSTCTR implementation unable to process more than 255 blocks correctly (CVE-2025-14813) * bcprov-lts8on: GOSTCTR implementation unable to process more than 255 blocks correctly (CVE-2025-14813) * bcpkix-jdk15on: PKIX draft CompositeVerifier accepts empty signature sequence as valid (CVE-2026-5588) * bcpkix-jdk18on: PKIX draft CompositeVerifier accepts empty signature sequence as valid (CVE-2026-5588) * bcpg-jdk18on: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion (CVE-2026-3505) * bcprov-debug-jdk15on: LDAP injection vulnerability in LDAPStoreHelper.java (CVE-2026-0636) * bcprov-jdk15on: LDAP injection vulnerability in LDAPStoreHelper.java (CVE-2026-0636) * bcprov-jdk18on: LDAP injection vulnerability in LDAPStoreHelper.java (CVE-2026-0636) * bcprov-lts8on: LDAP injection vulnerability in LDAPStoreHelper.java (CVE-2026-0636) * spring-boot: Spring Boot: Weak pseudo-random number generation can lead to information disclosure. (CVE-2026-40975) * camel-mail: Camel-Mail: Altered application behavior via header injection (CVE-2026-33454) * camel-jms: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-google-pubsub: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-http: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-http-base: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-http-common: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-http-starter: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-jms: Apache Camel: Remote Code Execution via deserialization of JMS ObjectMessage (CVE-2026-40860) * camel-amqp: Apache Camel: Remote Code Execution via deserialization of JMS ObjectMessage (CVE-2026-40860) * camel-http-base: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers (CVE-2026-40022) * camel-http-common: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers (CVE-2026-40022) * camel-http: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers (CVE-2026-40022) * camel-http-starter: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers (CVE-2026-40022) * camel-infinispan-common: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data (CVE-2026-40858) * camel-infinispan-embedded: Apache Camel camel-infinispan: Arbitrary code exe
Red Hat Security Advisory: Red Hat Build of Apache Camel 4.18.1 for Spring Boot release.
Description
Red Hat build of Apache Camel 4.18.1 for Spring Boot patch release and security update is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Security Fix(es): * artemis-server: Apache Artemis, Apache ActiveMQ Artemis: Message injection and exfiltration due to missing authentication (CVE-2026-27446) * spring-boot: Spring Boot: Authentication bypass via misconfigured Health Group additional path (CVE-2026-22731) * plexus-utils: Plexus-utils: Directory Traversal in extractFile method (CVE-2025-67030) * netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values (CVE-2026-33870) * netty-codec-http: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood (CVE-2026-33871) * netty-codec-http2: Netty: Denial of Service via HTTP/2 CONTINUATION frame flood (CVE-2026-33871) * jetty-ee10-annotations: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-apache-jsp: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-plus: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-servlet: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-servlets: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * jetty-ee10-webapp: early return from the JASPIAuthenticator class without clearing ThreadLocal variables (CVE-2026-5795) * kafka-clients: Apache Kafka Clients: Information disclosure and data corruption due to race condition in producer buffer management (CVE-2026-35554) * camel-infinispan: camel-infinispan: Remote Code Execution via Unsafe Deserialization (CVE-2026-6857) * bcprov-debug-jdk15on: GOSTCTR implementation unable to process more than 255 blocks correctly (CVE-2025-14813) * bcprov-jdk15on: GOSTCTR implementation unable to process more than 255 blocks correctly (CVE-2025-14813) * bcprov-jdk18on: GOSTCTR implementation unable to process more than 255 blocks correctly (CVE-2025-14813) * bcprov-lts8on: GOSTCTR implementation unable to process more than 255 blocks correctly (CVE-2025-14813) * bcpkix-jdk15on: PKIX draft CompositeVerifier accepts empty signature sequence as valid (CVE-2026-5588) * bcpkix-jdk18on: PKIX draft CompositeVerifier accepts empty signature sequence as valid (CVE-2026-5588) * bcpg-jdk18on: unbounded PGP AEAD chunk size leads to pre-auth resource exhaustion (CVE-2026-3505) * bcprov-debug-jdk15on: LDAP injection vulnerability in LDAPStoreHelper.java (CVE-2026-0636) * bcprov-jdk15on: LDAP injection vulnerability in LDAPStoreHelper.java (CVE-2026-0636) * bcprov-jdk18on: LDAP injection vulnerability in LDAPStoreHelper.java (CVE-2026-0636) * bcprov-lts8on: LDAP injection vulnerability in LDAPStoreHelper.java (CVE-2026-0636) * spring-boot: Spring Boot: Weak pseudo-random number generation can lead to information disclosure. (CVE-2026-40975) * camel-mail: Camel-Mail: Altered application behavior via header injection (CVE-2026-33454) * camel-jms: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-google-pubsub: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-http: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-http-base: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-http-common: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-http-starter: Apache Camel: Remote Code Execution and Arbitrary File Write via case-variant header injection (CVE-2026-40453) * camel-jms: Apache Camel: Remote Code Execution via deserialization of JMS ObjectMessage (CVE-2026-40860) * camel-amqp: Apache Camel: Remote Code Execution via deserialization of JMS ObjectMessage (CVE-2026-40860) * camel-http-base: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers (CVE-2026-40022) * camel-http-common: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers (CVE-2026-40022) * camel-http: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers (CVE-2026-40022) * camel-http-starter: Apache Camel: Information disclosure and authentication bypass in embedded HTTP/management servers (CVE-2026-40022) * camel-infinispan-common: Apache Camel camel-infinispan: Arbitrary code execution via deserialization of untrusted data (CVE-2026-40858) * camel-infinispan-embedded: Apache Camel camel-infinispan: Arbitrary code exe
Weaknesses
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2026:17668
- Cve Count
- 23
- Additional Cves
- ["CVE-2025-67030","CVE-2026-0636","CVE-2026-2332","CVE-2026-3505","CVE-2026-5588","CVE-2026-5795","CVE-2026-6857","CVE-2026-22731","CVE-2026-27446","CVE-2026-33453","CVE-2026-33454","CVE-2026-33870","CVE-2026-33871","CVE-2026-35554","CVE-2026-40022","CVE-2026-40453","CVE-2026-40858","CVE-2026-40860","CVE-2026-40972","CVE-2026-40973","CVE-2026-40975","CVE-2026-41635"]
- Cvss Version
- null
Threat ID: 6a160958e29bf47b5061fbc1
Added to database: 5/26/2026, 8:58:00 PM
Last updated: 5/26/2026, 9:00:08 PM
Views: 1
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.